Microsoft Is in No Hurry to Fix the Follina Vulnerability, Which Has Become a Real Disaster
Hackers are actively exploiting the critical 0-day Follina vulnerability, which Microsoft is in no hurry to fix. Researchers warn that European governments and municipalities in the US have been targeted by a phishing campaign using malicious RTF documents. As a reminder, Follina became publicly known at the end of May, although…
Tag: Microsoft
Information Security Specialists Discovered a 0-day Vulnerability in Windows Search
A new 0-day Windows Search vulnerability could be used to automatically open a search box and launch remote malware simply by opening a Word document. Bleeping Computer says the problem is serious because Windows supports the search-ms protocol URI handler, which allows apps and HTML links to run custom searches on…
Chinese Hackers Attack Fresh 0-day Follina Vulnerability
Experts have warned that Chinese hackers are already actively exploiting a 0-day vulnerability in Microsoft Office known as Follina to remotely execute malicious code on vulnerable systems. As a reminder, Follina became publicly known a few days ago, although researchers first discovered the bug back in April 2022, but then…
Attackers Are Already Exploiting the Fresh 0-day Follina Bug in Microsoft Office
Security researchers recently discovered a zero-day vulnerability in Microsoft Office dubbed Follina. The bug can be exploited simply by opening a Word document, which then executes malicious PowerShell commands through the Microsoft Diagnostic Tool (MSDT). We also reported that the Lapsus$ hack group stole the source code of…
Microsoft Experts Found Vulnerabilities in Pre-Installed Android Applications
Microsoft experts have found four serious vulnerabilities in pre-installed Android applications, namely in the framework used by Android applications of several major international mobile service providers. The vulnerabilities were discovered in the platform of mce Systems, an Israeli company that provides software for mobile operators. We also reported that about 8%…
Fake Exploits Used to Deliver Cobalt Strike Beacons
Cyble experts have warned that cybercriminals are attacking information security researchers by distributing malware under the guise of exploits for Windows, which eventually installs Cobalt Strike beacons on the experts’ machines. We also reported that Emotet now installs Cobalt Strike beacons. Cyble analysts report that malware disguised as PoC exploits for a…
Microsoft Has Not Fully Coped with PetitPotam Attacks in Windows NTLM Relay
In May, Microsoft released a security update because it had previously failed to fully address the attacks known as PetitPotam. The update and mitigation recommendations target a heavily exploited NTLM relay vulnerability called Windows LSA Spoofing Vulnerability, tracked as CVE-2022-26925. Last July, security researcher Gilles Lionel, also known as Topotam, introduced a new PetitPotam method…
Vulnerabilities in Linux Allow Gaining Superuser Rights
A Microsoft specialist has discovered vulnerabilities in Linux systems that allow an attacker to quickly gain superuser rights. In total, two vulnerabilities were discovered (CVE-2022-29799 and CVE-2022-29800) and grouped under the common name Nimbuspwn. The problems are in the networkd-dispatcher component of many Linux distributions, which dispatches network status changes and can run various scripts…
Hackers Use Fresh Vulnerability in Windows Print Spooler in Real Attacks
The US Infrastructure and Cybersecurity Agency (CISA) warned that a vulnerability in the Windows Print Spooler component, patched by Microsoft in February 2022, is being actively exploited by hackers. The issue in question is tracked as CVE-2022-22718 (CVSS score of 7.8) and, according to Microsoft, affects all versions of Windows. At the same time, the…
Hack group Lapsus$ returned from “vacation” and announced the hacking of Globant
The Lapsus$ extortionist group has returned from a “vacation” despite the recent arrest of seven of its members. The cybercriminals’ Telegram channel published data allegedly stolen from the Globant software development company. As evidence of the hack, the hackers first posted a screenshot showing a list of folders with the names of various companies from…